Information on data processing
Protecting your data is important. We are therefore taking this opportunity to explain how we at E.G.O. Elektro-Gerätebau GmbH process your data, and what rights you have with regard to data processing.
The controller responsible for processing is E.G.O. Elektro-Gerätebau GmbH, Blanc-und-Fischer-Platz 1-3, 75038 Oberderdingen, Germany, info.germany(at)egoproducts.com.
The data protection officer can be reached at the aforementioned address, FAO Data Protection Officer, or at datenschutz(at)egoproducts.com.
This data processing information is designed to explain how we process your data when you visit this website.
1. Subject matter of data protection
The subject of data protection is personal data. Personal data means individual details about the personal or factual circumstances of an identified or identifiable natural person or, according to Art. 4 GDPR, all information relating to an identified or identifiable person. The term personal data also includes information such as names, addresses, e-mail addresses, or telephone numbers, but also usage data such as your IP address or content data such as the letter you composed or your résumé.
2. Scope and purposes of data processing
Apart from the processing of the IP address of the computer you are currently using, it is generally possible to use the website without providing personal data. If you send us an e-mail, we will of course also receive personal data from you. Read more about this below. Please also note our information on cookies.
2.1 Processing the IP address
The processing of your IP address is absolutely necessary in order to use the page so the data packages of our website can be sent to you. Both the web server and your internet device have an IP address and contact each other via this address in order to provide each other with data. You can see the website, and we receive the data you enter.
If you use our website for information purposes only, i.e., if you do not register or otherwise transfer information to us, we only collect data that your browser transmits to our server (“server log files”). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:
- The visited website
- Date and time of access
- Amount of data sent in bytes
- Source/reference from which you accessed the page
- Browser used
- Operating system used
- IP address used (if applicable, in anonymized form)
Processing is carried out in accordance with Art. 6(1)(f) GDPR based on our legitimate interest in improving the stability and functionality of our website. The data is not passed on or used in any other way. However, we reserve the right to check the server log files at a later date if there are concrete indications of illegal use.
Log files on the web server are deleted after 7 days.
2.2 Contact options
2.2.1 Contact form, e-mail, telephone
Personal data is collected when you contact us (e.g., via our contact form, e-mail, or telephone). The data collected if a contact form is submitted is displayed in the respective contact form. This data is stored and used exclusively for the purpose of responding to your request or inquiry and the associated technical administration. The legal basis for the processing of this data is our legitimate interest in responding to your request pursuant to Art. 6(1)(f) GDPR.
The E.G.O. Elektro-Gerätebau GmbH is part of the Blanc & Fischer Group. Your contact request may be shared within this Group to ensure that your request can be answered by the appropriate point of contact.
If your making contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6(1)(b) GDPR. Your data will be deleted after we have finished processing your request. This is the case if it can be deduced from the circumstances that the matter in question has been permanently clarified and if there are no statutory retention obligations to the contrary. You can find further information on data processing when concluding contracts via the following link to our information obligations for customers, interested parties, suppliers, and service providers.
2.2.2 Powermail captcha
We use Powermail CAPTCHA on our website. The service provider is Powermail Development Team, TYPO3 Association, Sihlbruggstrasse 105, CH 6340 Baar, Switzerland. Powermail CAPTCHA should be used to check whether the data entered on this website (e.g., in a contact form) is submitted by a person or by an automated program.
Powermail uses CAPTCHA cookies for this analysis. The cookies are stored across all devices for the purpose of analyzing your surfing behavior when you visit our website. Powermail CAPTCHA evaluates various pieces of information (e.g., IP address, length of time the website visitor stays on the website, or mouse movements made by the website user). This data is generally not passed on to third parties or stored.
The legal basis for this is Art 6(1)(1)(f) GDPR. As the website operator, we have a legitimate interest in protecting our website against abusive automated spying and spam. If the corresponding consent has been obtained, processing takes place exclusively on the basis of Art. 6(1)(1)(a) GDPR. For further information on data processing by Powermail CAPTCHA, please visit: https://typo3.com/privacy-policy.
2.4 Purpose-related use of data, transmission of data
The principle of using data for specific purposes is strictly observed. All aforementioned data is only processed for the purposes specified in this information on data processing.
The data will not be transmitted except if consent has been provided or if legally required (e.g., request for disclosure by authorities or on the basis of court rulings).
2.5 Google Analytics web analytics service
With your consent (pursuant to Art. 6(1)(a) GDPR), this website uses Google Analytics, a web analytics service of Google LLC (hereinafter: “Google”). In this context, pseudonymized usage profiles are created and cookies (see Section 2.3) are used. The information generated by the cookie about your use of this website, such as browser type/version, operating system used, referrer URL (the previously visited page), host name of the accessing computer (IP address), and time of the server request, is sent to a server of Google Ireland Ltd. within Member States of the European Union or in other States party to the Agreement on the European Economic Area. Your IP address is anonymized on the servers and then transferred to a Google server in the USA. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. We have concluded a data processing agreement with Google concerning the use of Google Analytics. Through this agreement, Google assures that it processes the data in accordance with the General Data Protection Regulation and guarantees that the rights of the data subject are protected.
With your consent to the use of Google Analytics, you give your consent in accordance with Art. 49(1)(1)(a) GDPR for the transfer of your data to a third country (USA). Please note that there is no adequate level of data protection in the US and there is a risk that your data may be processed by US authorities for control and monitoring purposes without you being entitled to legal remedies.
The information is used to evaluate the use of the website, to compile reports on website activities, and to provide other services associated with website use and internet use for the purposes of market research and the needs-based design of these websites.
This information may also be transmitted to third parties if this is required by law or if third parties process this data on behalf of another party. Under no circumstances will your IP address be merged with other Google data. The IP addresses are anonymized so that they cannot be assigned to individuals (IP masking).
You can prevent the installation of cookies by adjusting the settings in your browser software accordingly. However, we would like to point out that in this case, it may not be possible to use all features of this website to their full extent.
You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on or deactivating it via the “Cookie settings.” You can find the “Cookie settings” in the footer of the website.
You can find further information on data protection in connection with Google Analytics at https://policies.google.com/privacy?hl=de&gl=de or https://marketingplatform.google.com/about/analytics/terms/de/.
The Google Analytics tracking measures are based on Art. 6(1)(1)(a) GDPR. In this way, we want to ensure that our website is designed to meet requirements and is continuously optimized. On the other hand, we use Google Analytics to statistically record how our website is used. Furthermore, we use the data for the optimized display of advertising content. These interests are to be regarded as legitimate within the meaning of the aforementioned provision.
Please note that the service is hosted in the U.S., and your IP address is transmitted to the U.S. The U.S. is not a safe third country. It cannot be ruled out that your data will be used for other purposes without your knowledge and that you will not be able to exercise your rights as a data subject. This cannot be ruled out, in particular, by law enforcement and intelligence authorities. With your consent to the use of DoubleClick, you give your consent in accordance with Art. 49(1)(1)(a) GDPR for the transfer of your data to a third country (USA).
You can deactivate DoubleClick at any time via the “Cookie settings.” You can find the “Cookie settings” in the footer of the website.
2.7 Using script libraries (fast fonts)
In order to ensure that our content is presented correctly and visually appealing across browsers, we use script libraries and font libraries from Monotype Imaging Inc. on this website. Web fonts are cached in your browser to avoid repeated loading. If the browser does not support the web fonts or prevents access, content is displayed in a standard font.
Calling up script libraries or font libraries automatically triggers a connection to the library operator. Here, it is technically necessary to transfer your IP address to the provider in order to retrieve the font content for display.
The data transfer is based on the legitimate interest (pursuant to Art. 6(1)(f) GDPR) of being able to display the content provided quickly, correctly, and across browsers and operating systems.
3. Disclosure of data
In addition, any deployed software and IT service providers can access the data.
4. Duration of data processing
We are committed to the principles of proportionate, purpose-bound data processing and data minimization.
Unless specified otherwise, we only process your personal data for as long as we need your data, e.g., to establish a connection from your server request to ours or to process your inquiry.
However, if your e-mail inquiry is a commercial/business letter within the meaning of the German Commercial Code (HGB), we are obliged to retain it for six years in accordance with Section 257 HGB.
5. Social Media (Facebook, Instagram, LinkedIn, XING, YouTube)
To increase our online presence, we use social media platforms to report on products and the company, and to be able to exchange information with customers, suppliers, employees, interested parties, and job applicants. In doing so, we also process personal data.
In principle, data processing is based on the regulations of the social media platform. Data processing is handled by the platform operator. Further information can be found in the data privacy policies of the operators:
We process personal data for the following internal purposes:
In principle, data processing only takes place within the social media platform. Use outside of the platform is only permitted if it is absolutely necessary for processing the purpose or for processing an issue expressed by you. You can find more details about this data processing in the information obligations.
If the data is processed on the basis of a legitimate interest, this is based on our interest in implementing measures for business management and further development of services and products, implementing advertising measures for our own or Group-wide services and products, and in order to process your inquiries, complaints, returns, or other concerns.
The data is deleted in accordance with the rules of the social media platforms or when a group of advertising measures or a post is deleted. Data of participants in a survey or of participants in a competition will be deleted at the end of the process, as long as no other information has been accepted in a declaration of consent or there are statutory retention obligations.
Additional explanation regarding Facebook and Instagram
We are jointly responsible for the processing of insights data with Meta Platforms Ireland Limited („Meta Ireland“). Details concerning the responsibilities can be found at https://de-de.facebook.com/legal/terms/page_controller_addendum
Meta Ireland agrees to assume primary responsibility under the GDPR for the processing of insights data and to fulfill all obligations under the GDPR with regard to the processing of insights data (including Articles 12 and 13 GDPR, Articles 15 to 22 GDPR, and Articles 32 to 34 GDPR). In addition, Meta Ireland will make the essentials of this website insights add-on available to the data subjects.
Additional explanation regarding LinkedIn Insights
We are jointly responsible for the processing of insights data with LinkedIn. Details concerning the responsibilities can be found at https://legal.linkedin.com/pages-joint-controller-addendum.
LinkedIn agrees to assume primary responsibility under the GDPR for the processing of insights data and to fulfill all obligations under the GDPR with regard to the processing of insights data (including Articles 12 and 13 GDPR, Articles 15 to 22 GDPR, and Articles 32 to 34 GDPR). In addition, LinkedIn will make the essentials of this website insights add-on available to the data subjects.
Use of the social media management platform ("Hootsuite")
For the uniform organization and management of interactions across the various social media channels, we use the social media management platform of Hootsuite. The platform is provided by the service provider HootSuite Inc, 111 East 5th Avenue, Vancouver, BC, Canada V5T 4L1.
The legal basis for the processing is our legitimate interest pursuant to Art. 6 (1) p. 1 lit. f DSGVO to manage our social media platforms in a uniform manner and to prepare, publish and respond to interactions. In doing so, the personal data is provided directly by the page visitor of the social media platform.
Hootsuite ensures that this data is encrypted not only in transit, but also at rest. Hootsuite's platform is protected by a robust cybersecurity framework that complies with NIST.
We have concluded a corresponding order processing agreement with the service provider in accordance with Art. 28 GDPR (Data Processing Addendum "DPA"). For more information about Hootsuite, please visit https://www.hootsuite.com/, https://www.hootsuite.com/legal/privacy or https://www.hootsuite.com/de/legal/general-data-protection-regulation.
6. Registration on the supplier platform
You have the option of registering on the supplier platform on our website. To do so, use the registration portal on our website. Data provided to E.G.O. will be stored, processed, and used by E.G.O. for the following purposes: Management of operational processes, quality assurance measures, supplier relationship management, risk management, use of information and communication systems, administration of the supplier portal, legal requirements and regulations.
The legal basis for processing is your consent pursuant to Art. 6(1)(a) GDPR to perform the service described above to register you on the supplier platform, or the execution of a license agreement with you (Art. 6(1)(b) GDPR).
By entering your personal data, you grant E.G.O. permission to save it for the above purposes. This permission can be revoked at any time by e-mail to the responsible purchaser, following which the supplier portal can no longer be used. If deletion is not possible for legal reasons, the respective data will be blocked instead. Please note that we may save the data related to orders that can be viewed in your merchant account for longer periods of time (see point 2.2)).
We would like to point out that certain data in the supplier platform may be subject to statutory retention periods, so we must retain it for longer due to legal trade or tax law stipulations. This information is then only used as legal evidence if required and is generally deleted after ten years.
7. Rights of the data subject
The applicable data protection law grants you extensive data subject rights (information and intervention rights) towards the Controller with regard to the processing of your personal data; these are as follows:
- Right of access pursuant to Art. 15 GDPR: In particular, you have a right of access to your personal data processed by us, the processing purposes, the categories of personal data processed, the recipients or categories of recipients to whom your data has been or will be disclosed, the planned storage period and the criteria for determining the storage period, the existence of a right to rectification, erasure, restriction of processing, objection to processing, complaint to a supervisory authority, the origin of your data if it was not collected by us from you directly, the existence of automated decision-making processes including profiling, and, where applicable, significant information about the logic involved, and the scope and intended effects of such processing affecting you, as well as your right to be informed of the guarantees pursuant to Art. 46 GDPR when transferring your data to third countries;
- Right to rectification pursuant to Art. 16 GDPR: You have the right to have incorrect data concerning you corrected without delay and/or to have incomplete data stored by us completed;
- Right to erasure pursuant to Art. 17 GDPR: You have the right to request deletion of your personal data if the requirements of Art. 17(1) GDPR are met. However, this right shall not apply, in particular, if processing is necessary for the exercise of the right of freedom of expression and information, for the fulfillment of a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims;
- Right to restriction of processing pursuant to Art. 18 GDPR: You have the right to request the restriction of the processing of your personal data as long as the accuracy of your data contested by you is checked, if you reject a deletion of your data due to unauthorized data processing and instead request the restriction of the processing of your data, if you require your data for the establishment, exercise, or defense of legal claims once we no longer need this data after the purpose has been achieved, or if you have lodged an objection for reasons pertaining to your particular situation, as long as it has not yet been determined whether our legitimate reasons override your request;
- Right to information pursuant to Art. 19 GDPR: If you have asserted the right to rectification, erasure, or restriction of processing against the Controller, the Controller is obliged to inform all recipients to whom the personal data concerning you has been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort. You have the right to be informed about these recipients.
- Right to data portability pursuant to Art. 20 GDPR: You have the right to receive the personal data that you have provided to us in a structured, standard, and machine-readable format, or to request the transfer to another Controller, insofar as this is technically feasible;
- Right to withdraw consent granted pursuant to Art. 7(3) GDPR: You have the right to withdraw your consent to the processing of data at any time with effect for the future. In the event of withdrawal, we will delete the data concerned without delay, provided that there is no legal basis for further processing without consent. Withdrawal of consent shall not affect the lawfulness of the processing carried out on the basis of the consent until its withdrawal;
Right to object in accordance with Art. 21 GDPR:
If we process your personal data in the context of a balancing of interests on the basis of our overriding legitimate interest, you have the right at any time to object to this processing with future effect for reasons arising from your particular situation. If you exercise your right to object, we will stop processing the data concerned. However, further processing may take place if we can demonstrate compelling legitimate grounds for the processing which override your interests, fundamental rights, and freedoms, or if the processing serves to assert, exercise, or defend legal claims. If your personal data is processed by us for direct marketing purposes, you have the right to object at any time to the processing of your personal data for the purposes of such advertising. You can object as described above. If you exercise your right to object, we will terminate the processing of the data concerned for direct marketing purposes.
To exercise the aforementioned rights, please contact our data protection officer at datenschutz(at)egoproducts.com
- Right to lodge a complaint in accordance with Article 77 GDPR: If you believe that the processing of personal data concerning you violates the GDPR, you have the right—without prejudice to any other administrative or judicial remedy—to lodge a complaint with a supervisory authority, in particular in the Member State of residence, your place of work, or the place of the alleged violation. A list of supervisory authorities including their contact details can be found at the following link: https://www.bfdi.bund.DE/DE/Infothek/Anschriften_Links/anschriften_links-node.html.